Create a Post
Showing results for 
Search instead for 
Did you mean: 

Is that possible to bypass LACP in CheckPoint with Bridge mode?

Dear All,


Due to some reasons, we need to have below design:


Both Cisco switches have the LACP group 3 mode active for Port7 and Port8.


And we have two A-A clusters CPs with bridge mode [P1 and P2] trying to scan the LACP traffic.


We just find that both Cisco can not form the LACP now, any advice?


Without the CPs and if both Cisco directly connected [7<->7, 8<->8] the LACP will work back.












0 Kudos
3 Replies

I don't think this is possible as LACP is negotiated by bridge/switch ports in a point to point fashion; you can't pass LACP generated by a switch port through a second switch/bridge to yet another port on a third switch, at least to my knowledge.  You'll need to set up LACP on the Gaia interfaces as well to make this work.

Book "Max Power 2020: Check Point Firewall Performance Optimization" Third Edition
Now Available at

Well, I try to set up Bonds on my two CPs.
Let say Bond1 and Bond2 are configured as a bridge.
Bond1 and Bond2 include P1 and P2 respectively.

I can then make the LACP up with failover but only the Master Unit CP1 connected wire, so there is no Load Balancing.

Appreciate it if I can let the slave CP unit line LACP up also.
0 Kudos

Might I know if CP has command like "set l2forward enable" on Fortigate?
0 Kudos